Highly persistent Android Spyware called Skygofree discovered that has been developed with many advance futures to steal as many as data from victims and malware authors are keep adding many sophisticated Futures since 2014.

Researchers found many malicious web pages that mimic as mobile operator page which is using for spreading this Android spyware and those pages are registered by an attacker since 2015 and most recent domain registered in 2017.

This Malware has some dangerous stealing functions such as record audio surroundings via the microphone when an infected device is in a specified location, stealing of WhatsApp messages via Accessibility Services also it can enter into an infected wifi network.

Since the beginning of this malware evolution, its future keep changing many times and every time malware authors added many advance functionality and obfusticated techniques.

Some of the other versions of this malware also detected which has some extreme capability such as exfiltrate the data, like call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device.

The exploit payload code shared many similar capabilities of public android rooting tools

It also using a tool called busybox that provides several Linux tools in a single ELF file to steal the Whatsup encryption key

Skygofree using social payload to other installed social media applications such as facebook messenger, whatsup, viber, and Line.

According to Trend Micro, As mentioned, we observed a payload that exclusively targets the WhatsApp messenger and it does so in an original way. The payload uses the Android Accessibility Service to get information directly from the displayed elements on the screen, so it waits for the targeted application to be launched and then parses all nodes to find text messages.

Aslo researchers found multiple components that form an entire spyware system for the Windows platform.

These windows components also having some advance stealing futures such as sending data, keylogging, screenshot capturing and recording Skype calls.

Researchers believes that the Skygofree Android implant is one of the most powerful spyware tools As a result of the long-term development process, there are multiple, exceptional capabilities.